Almost any website you visit today is protected by HTTPS. If yours isn’t yet, it should be. Securing your server with HTTPS also means that you can’t send requests to this server from one that isn’t protected by HTTPS. This poses a problem for developers who use a local development environment because all of them run on http://localhost out-of-the-box.

At the startup I’m a part of, we decided to secure our AWS Elastic Load Balancer endpoints with HTTPS as part of a move to enhance security. I ran into a situation where my local development environment’s requests to the server started getting rejected.

This proposal introduces a new operator |> similar to F#, OCaml, Elixir, Elm, Julia, Hack, and LiveScript, as well as UNIX pipes. It's a backwards-compatible way of streamlining chained function calls in a readable, functional manner, and provides a practical alternative to extending built-in prototypes.

Introduction

The pipeline operator is essentially a useful syntactic sugar on a function call with a single argument. In other words, sqrt(64) is equivalent to 64 |> sqrt.

This allows for greater readability when chaining several functions together. For example, given the following functions:

Thanks to ES6 and the likes of Babel, writing JavaScript has become incredibly dynamic, from new language syntax to custom parsing like JSX. I've become a big fan of the spread operator, three dots that may change the way you complete tasks within JavaScript. The following is a listing of my favorite uses of the spread operator within JavaScript!

Calling Functions without Apply

To this point we've called Function.prototype.apply, passing an array of arguments, to call a function with a given set of parameters held by an array:

The critical vulnerabilities found in Intel and other CPUs represent a significant security risk. Because the flaw is so low level, the usual protections that web developers are used to don't apply. Even sandboxed JavaScript code can be used to exploit the vulnerabilities known as Meltdown and Spectre.

The issue affects Intel CPUs broadly, but also AMD and various ARM processors are suspect to a similar attack. Browser vendors have already started mitigating the issue with Microsoft, for example announcing improvements to Internet Explorer and Microsoft Edge browsers against Speculative Execution. Mozilla has also taken action against

Anyone who’s browsed the web on their phone has, at one point or another, experienced this situation:

You open a web page and click on something, but nothing happens.You click on it again—still nothing happens.You click on something else—nope, nothing.

This is bad enough on its own, but it often doesn’t end there. Here’s what usually happens next:

You start clicking everywhere just to get *some* feedback that your phone isn't broken—then suddenly a bunch of stuff all happens at the same time, and now you're on a completely different page and you have no idea how you got there.

If this sounds familiar, then you’ve experienced the opposite of interactivity on the web. But what exactly does the term “interactivity” mean?

Let's say we wanted to do something specific if obj is an array. JSON.stringify is an example of this, it outputs arrays differently to other objects.

We could do:

But that's false for things that extend arrays:

If you want to catch subclasses, there's instanceof:

But things get more complicated when you introduce multiple realms:

A realm contains the JavaScript global object, which self refers to. So, it can be said that code running in a worker is in a different realm to code running in the page. The same is true between iframes, but same-origin iframes also share an ECMAScript 'agent', meaning objects can… (and please read the next bit in a 70s sci-fi voiceover)

When was the last time you typed in a tilde? Did you even know that little squiggle on the top left corner of your keyboard is called a tilde? More importantly to this blog, do you know what the tilde does in JavaScript? Probably not, but you’ll soon find out.

The tilde is an operator that does something that you’d normally think wouldn’t have any purpose. It is a unary operator that takes the expression to its right performs this small algorithm on it (where N is the expression to the right of the tilde): -(N+1). See below for some samples.

So, unless you actually have an application that needs to run this algorithm on numbers – which I doubt very many people do – how are we going to use this squiggly little character to our advantage?

Last month, we made it easier for you to keep track of the projects your code depends on with the dependency graph, currently supported in Javascript and Ruby. Today, for the over 75 percent of GitHub projects that have dependencies, we’re helping you do more than see those important projects. With your dependency graph enabled, we’ll now notify you when we detect a vulnerability in one of your dependencies and suggest known fixes from the GitHub community.

How to start using security alerts

Whether your projects are private or public, security alerts get vital vulnerability information to the right people on your team.

When your site is adaptive and you want to deliver critical CSS for multiple screen resolutions this is a useful option. note: (your final output will be minified as to eliminate duplicate rule inclusion)

This is a usefull option when you e.g. want to defer loading of webfonts or background images.

Guillermo Rauch tweeted this a while back. Let’s take a quick dive into what it means.

NOTE: This is a cross-post from my newsletter. I publish each email two weeks after it’s sent. Subscribe to get more content like this earlier right in your inbox! 💌

Write tests. Not too many. Mostly integration.

This is deep, albeit short, so let’s dive in:

Write tests.

Yes, for most projects you should write automated tests. You should if you value your time anyway. Much better to catch a bug locally from the tests than getting a call at 2:00 in the morning and fix it then. Often I find myself saving time when I put time in to write tests.

When I recently started to dive into the topic of machine learning, I had to relearn all the things I have studied about linear algebra, stochastic and calculus at school and university. I took a little refresher on matrix operations (addition, subtraction, multiplication and division) in linear algebra and learned about the different types of matrices again: inverse and transpose matrices, and the identity matrix. The article applies those learnings in JavaScript. Furthermore, in the end of the article, there will be a little example to demonstrate why matrices are beneficial for computations in machine learning.

Assuming an ES6 codebase, there are several ways to do interpolation in strings.

You could use string concatenation, involving + signs and a string for each piece of the template you’re working on. Using concatenation can quickly get out of hand when dealing with longer templates, not to mention reusability is hard unless you abstract away your template in a small function.

'Hello ' + name + '! It\'s a pleasure to greet you.'

You could use util.format in Node. Here we have placeholders such as %s which describes how the value is to be formatted, but doesn’t say anything about the value that should be placed in that socket in the template. This method

Build Pipeline

Build Pipeline

The official docs provide a plethora of insight into the API and the platform itself. In the end, however, you need to deploy your new shiny app. This also involves challenges like maintaining multiple environments for testing and staging, incorporating different credentials in an unobtrusive manner, generating release notes and notifying all stakeholders (product managers, testers and designers). After experimenting and struggling with a bunch of approaches, we moved to Fastlane to automate this entire process. Following is an abridged version of our beta release cycle on iOS:

Developers, what if we said that you could completely change the landscape of live video, that you could get your products in front of millions of people daily, and that you could do it all by building a business with Twitch? Today we’re excited to announce the solution to all these problems, and to reveal the next evolution in livestreaming that makes them possible: Twitch Extensions.

Extensions are interactive video player overlays and panels that can be installed directly on the channel page by streamers; what appears in that space is completely defined by you. You’ll now have the opportunity to revolutionize livestreaming by creating new interactions between streamers and viewers in ways that weren’t possible until now.

A couple of month ago, someone asked if I'd written a page bloat update recently. The answer was no. I've written a lot of posts about page bloat, starting way back in 2012, when the average page hit 1MB. To my mind, the topic had been well covered. We know that the general trend is that pages are getting bigger at a fairly consistent rate of growth. It didn't feel like there was much new territory to cover.

Also: it felt like Ilya Grigorik dropped the mic on the page bloat conversation with this awesome post, where he illustrated why the "average page" is a myth. Among the many things Ilya observed after analyzing

Test Impact Analysis (TIA) is a technique that helps determine which subset of tests for a given set of changes.

A similar depiction for tests to run for a hypothetical change.

The key to the idea is that not all tests exercise every production source file (or the classes made from that source file). Code coverage or instrumentation, while tests are running is the mechanism by which that intelligence is gleaned (details below). That intelligence ends up as a map of production sources and tests that would exercise them, but begins as a map of which productions sources a test would exercise.

However, when working with Angular, NgRx or Ionic, we create services, providers and effects files and to help us manipulating the data we use RxJS operators. And even using code snippets, we end up repeating the same RxJS operator imports throughout our files.

For this reason, I usually create a RxJS file with the operators used by the project (usually in the shared or common module). You can also create this file directly in the

KeystoneJS is a content management system and framework to build server applications that interact with a database. It is based on the Express framework for Node.js and uses MongoDB for data storage. It represents a CMS alternative for web developers who want to build a data-driven website but don’t want to get into the PHP platform or large systems like WordPress.

More from this author

Although WordPress can be set up by not so technical users, KeystoneJS offers the control needed for professional ones to develop new websites—although it is still considerably easier to work with KeystoneJS than manually building your website from scratch. It not only offers a platform to build websites; you can replace almost everything on it and develop more specialized systems like applications and APIs.

Our traditional idea of the top five browsers may be over-simplified, outdated and skewed.

If you attend web developer events in much of Europe and North America, inevitably you will see the same browser logos keep cropping up in the speakers’ slides:

Chrome, Firefox, Safari, IE/Edge, Opera… It is a common idea that these are the five “major browsers”. Our familiarity with them is comforting, but it might be a skewed and outdated view. Partly from our Western bubble and partly a hangover from the days of desktop dominance.

Let’s take a look at some numbers so we can better represent the reality.

First, let’s go as broad as we can: all platforms (desktop, tablet, mobile), worldwide. Here’s the top five, in order, according to

All it takes to start tracing is to drop an image into the app, you do not have to sign up or go through a complicated setup process.

The app is built with web technologies, which means it can be used inside a web browser without having to go through the hassle of installation wizards or figuring out if the app is compatible with your operating system.

When used for the first time, it is automatically installed and can be used without an Internet connection afterwards.

Choose any of the included analyses and the app steps you through it so you can finish tracing in a few seconds.

This blog post was written by Arunesh Chandra, Sr. Program Manager, Chakra at Microsoft and Michael Dawson, Runtime Technologies Node.js Technical Lead at IBM.

Node.js has a vibrant module ecosystem, which is key to its continued growth and popularity. The ecosystem includes both JavaScript and native addon modules. Existing native modules are written in C/C++ and directly depend on V8 and/or NAN APIs. The result of this dependency is a lack of API/ABI stability guarantees, requiring native addons to be updated or recompiled for every major Node.js release. By some estimates this affects approximately 30% of the module ecosystem via direct or indirect dependencies. This not only adds to the maintenance burden for native module maintainers, but it also presents a major

Image Capture is an API to capture still images and configure camera hardware settings. This API is available in Chrome 59 on Android and desktop.

The API enables control over camera features such as zoom, brightness, contrast, ISO and white balance. Best of all, Image Capture allows you to access the full resolution capabilities of any available device camera or webcam. Previous techniques for taking photos on the Web have used video snapshots, which are lower resolution than that available for still images.

An ImageCapture object is constructed with a MediaStreamTrack as source. The API has then two capture methods

The real defining characteristic that separates declarative from imperative programming is in declarative style you are not giving sequenced instructions; at the lower level yes the CPU operates this way, but that's a concern of the compiler.

You suggest CSS is a "declarative language", I wouldn't call it a language at all. It's a data structure format, like JSON, XML, CSV, or INI, just a format for defining data that's known to an interpreter of some nature.

Some interesting side effects happen when you take the assignment operator out of a language, and this is the real cause for losing all those step1-step2-step3 imperative instructions in declarative languages.